Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 7 replies
  • Subscribers 26 subscribers
  • Views 990 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos XG 430 SMS gateway integration for guest registration

Akshay Hegde

So far I had gone through 

https://support.sophos.com/support/s/article/KB-000038037?language=en_US

https://docs.sophos.com/nsg/sophos-firewallmanager/v17.0.0/Help/en-us/webhelp/onlinehelp/index.html#page/onlinehelp/SMSGWProfileEdit.html

Still no clarity on what Sophos Controller expects internally the response format. I had even logged case but not received any help.

I am using 2factor api which returns me json string like below, I am able to deliver OTP to users through my internal API server however users are unable to login using received username and numeric OTP ( 6 digit ). Also registered users not getting listed in Sophos Admin Web Console.

{
  "Status": "Success",
  "Details": "ff9ab5b0-452e-11e7-94da-0200cd936042"
}

As you can see above both variables Status as well as Details will have always string.

1. What are the variables Sophos requires in response to create users ? whether its JSON or XML response ? if some variables say 'status' and 'message' , whether they should have values in integer or string or boolean ?

When somebody tries to re-register 

Registration page says user exists but web console guest list is empty

Even though user already exists, web console guest users list is completely emptyWeb console is empty list even though users created

Users receiving OTP and username but can't login error msg is username / password not found.

OTP users are getting but sign is says username/password not found

Is this Sophos BUG or I am missing something ?



This thread was automatically locked due to age.
Parents Reply Children
  • 0 in reply to emmosophos

    Version: XG430 (SFOS 18.5.2 MR-2-Build380) in HA active-active

    Case ID: 04986354, 04999624

  • 0 in reply to emmosophos

    Looking for solution even though I received username and password as shown in OTP screenshort, its not getting authenticated in Sophos. says 

     "Login failed, Invalid user name / password. Please contact administrator"  

  • 0 in reply to Akshay Hegde

    Hello there,

    Thank you for the Case IDs.

    Since they’re duplicated I would recommend you to close one.

    Please submit the access_server.log to case 04986354.

    In any case, I am not sure if this should go through your Sales Engineer, but I would recommend you to get a hold of them to assist you with this. 

    I will also send an email to the KB/Doc team about the questions you mentioned in your other post.

    Regards,

  • 0 in reply to emmosophos
    Its clearly BUG:

    Users registered manually in web UI under Guests are getting authenticated but
    Users registered through SMS are  not even listed in web UI and they can't login.
    KB/Doc nothing updated.
    No point of having Enhanced Support licence very pathetic experience.
    I did my genuine review on Sophos:
  • 0 in reply to Akshay Hegde

    Hello Akshay,

    I reached out to the Escalation Managers, and both of your cases will be moved to your region as one of them it’s being worked in a different time zone.

    Also, you will be reached out by your Account Manager/Technical Manager to go over your case and channel the correct resources (PS/SIS) as this seems to be related to your API and being also a configuration/deployment which is outside of the scope of support, if they do find this is an issue with the XG then your case might get escalated through the appropriate Technical Support channels.

    Note: The users won’t show on the UI until they authenticate to the device.

    Regards,

  • 0 in reply to emmosophos

    Configuration and API is working fine as you can see in attached screenshots users are receiving username, password and validity through sms. But when they try to login using same credentials they get login failed.

    At least I wanted to have clarity on KB docs in which it is not mentioned required response format plain text / XML / json ? And required response parameters

    Did you get my point ?